Skip to content
View alicangnll's full-sized avatar
💭
I may be slow to respond.
💭
I may be slow to respond.
74 followers · 9 following

Achievements

Achievement: StarstruckAchievement: QuickdrawAchievement: Pull SharkAchievement: Arctic Code Vault Contributor

Achievements

Achievement: StarstruckAchievement: QuickdrawAchievement: Pull SharkAchievement: Arctic Code Vault Contributor

Block or report alicangnll

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
alicangnll/ReadMe.md

💫 About Me:

I have been trying to specialize in Cyber Security since 2015.

  • In 2018, I was first awarded the "Hall of Fame" award by Intel because I found a Stored XSS vulnerability on the website.
  • In 2019, RCE vulnerability I found in Roxy Fileman 1.4.5 software was included in the CVE MITRE system with the code "CVE-2019-7174".
  • In 2019, the Cross Site Request Forgery vulnerability I found in version 1.0.0.12 of the AirTies Air 5341 router model was included in the CVE MITRE system with the code "CVE-2019-6967".
  • In 2019, the Cross Site Request Forgery vulnerability I found in version 1.00 (AAXM.6)C0 of the Zyxel NBG-418N v2 router model was included in the CVE MITRE system with the code "CVE-2019-6710".
  • In 2022, the Cross Site Scripting vulnerability I found in the Metro UI software was included in the CVE MITRE system with the code "CVE-2022-41376"
  • In 2022, I found a Stored XSS vulnerability in the "0.3.7" version of the "Crontab" module of the pfSense Firewall software, and I reported it to Netgate and helped solve the problem.
  • In 2022, I also found various vulnerabilities in Bosch company and RMIT University, but unfortunately these vulnerabilities were considered "Informal".
  • In 2023, I was included in the "Hall of Fame" list due to the vulnerability I found on the Cisco company's website.

In 2021, I started working as a Cyber Security Specialist at Defans Security. Within the company,

  • Web Penetration Tests (PHP, Python, JavaScript, ASP.NET etc.),
  • LAN and WAN Network Penetration Tests (Servers, Storages, Firewalls, Switches, Virtual Machines, etc.),
  • Cloud Penetration Tests (AWS and Azure),
  • For the SOC team with EDR / XDR configurations,
  • IDS / IPS configurations of Sophos, Fortigate and pfSense firewall devices and software,
  • Wazuh SIEM installation
  • Wazuh SIEM configurations
  • Wazuh SIEM rule writing and updating the rules.
  • Splunk SIEM installation
  • Splunk SIEM configurations
  • Splunk SIEM rule writing and updating the rules.

Never considering myself sufficient, I continue my path of learning in the light of my past experiences.

🏆 Hall of Fame(s):

  • Cisco - Hall of Fame (2023)
  • CVE MITRE - CVE-2022-41376 (2022)
  • pfSense - pfSense Firewall 2.6.x-2.5.x Cross-site Scripting (2022)
  • CVE MITRE - CVE-2019-6710 (2019)
  • CVE MITRE - CVE-2019-6967 (2019)
  • CVE MITRE - CVE-2019-7174 (2019)
  • Intel - Certificate of Appreciation (2018)

💻 Tech Stack:

PHP JavaScript Flask Python C# HTML5 SQLite MySQL Postgres Canva NumPy TensorFlow scikit-learn PyTorch LINUX ElasticSearch Raspberry Pi

🏆 GitHub Trophies


💻 My Computer:

🌐 Socials:

LinkedIn

Pinned Loading

  1. ibb-istanbul-depremi-tahmini-2021 ibb-istanbul-depremi-tahmini-2021 Public

    İBB İstanbul Depremi Tahmini (2021, Haritalandırılmış)

    JavaScript 28 1

  2. phwaf phwaf Public

    AliGuard PHP WAF

    CSS 11 8

  3. pyshadow pyshadow Public

    Python ShadowCopy Analyzer for Cyber Security Researchers!

    Python 5 1

  4. pymem pymem Public

    PyMem - Memory Acquisition Tool

    Python

  5. SandAnalyze SandAnalyze Public

    Simulate Windows EXE for Malware Research!

    Python 17 3